Evasion kit for Cobalt Strike

IP Rotation from different providers - Like FireProx but for GCP, Azure, Alibaba and CloudFlare

ZITADEL - Identity infrastructure, simplified for you.

Sliver extension performing TCP redirection tasks without performing cross-process injection.

Reverse Shell as a Service

GitHub Attack Toolkit - Extreme Edition - A static analysis and exploit toolkit for GitHub Actions.

A cross platform library to write offensive and defensive security tools in Go

BloodHound-MCP-AI is integration that connects BloodHound with AI through Model Context Protocol, allowing security professionals to analyze Active Directory attack paths using natural language ins…

freeCodeCamp.org's open-source codebase and curriculum. Learn math, programming, and computer science for free.

The Tick is the next evolution in covert access control system implants for simulating adversary-in-the-middle attacks.

Finders Keypers: AWS KMS Encryption Key Usage and Blast Radius Finder

dev tools, env vars, task runner

A simple, modern and secure encryption tool (and Go library) with small explicit keys, no config options, and UNIX-style composability.

An experimental project using LLM technology to generate security documentation for Open Source Software (OSS) projects

FindUncommonShares is a Python script allowing to quickly find uncommon shares in vast Windows Domains, and filter by READ or WRITE accesses.

Fully decrypt App-Bound Encrypted (ABE) cookies, passwords & payment methods from Chromium-based browsers (Chrome, Brave, Edge) - all in user mode, no admin rights required.

ripgrep recursively searches directories for a regex pattern while respecting your gitignore

A collection of tools Neil and Andy have been working on released in one place and interlinked with previous tools

Advanced Wazuh Rules for more accurate threat detection. Feel free to implement within your own Wazuh environment, contribute, or fork!

Fabric is an open-source framework for augmenting humans using AI. It provides a modular system for solving specific problems using a crowdsourced set of AI prompts that can be used anywhere.

ScriptSentry finds misconfigured and dangerous logon scripts.

Awesome EDR Bypass Resources For Ethical Hacking

An advanced, yet simple, tunneling/pivoting tool that uses a TUN interface.

This tool extracts and displays data from the Recall feature in Windows 11, providing an easy way to access information about your PC's activity snapshots.

smbclient-ng, a fast and user friendly way to interact with SMB shares.

Initial Access and Post-Exploitation Tool for AAD and O365 with a browser-based GUI

SSH based reverse shell

practical toolkit for cybersecurity and IT professionals. It features a detailed Linux cheatsheet for incident response

Threadless Process Injection using remote function hooking.